I installed a RADIUS server in my network (Windows 2008) and Active Directory which contains different users; I also have an access point (tp_Link) authenticated on RADIUS server. I am using Windows authentication.

I cant authenticate laptops outside the domain to the wifi.

How can i join this wifi from laptop outside the domain controller?

When connecting laptops (outside the DC) to this wifi, I keep seeing this error on laptop: "the certificate used by the server for this network is not installed properly on your computer"

1 Answer
1

The error you're seeing is a result of the client you're trying to join not having the required certificates.

Basically, before using certification-based authentication, your clients need a copy of the certificate(s) they'll use to authenticate. This is usually done by a GPO, and ideally a GPO that sets the wireless connection settings properly in addition to handing out the certificate(s).

So the short answer is that you can't join the laptop from outside the domain, at least not tat present. You'll need to connect it to the domain network to acquire the certs and cert trusts it needs (which may involve joining it to the domain and running gpupdate, or can be done manually if you know what you're doing) before it can used certificate-based authentication to authenticate against the RADIUS-enabled access point.